Interop: Giants, Start-ups Examine Open Source

Playing the Open Source Game

December 21, 2005

From giants such as Sun and Computer Associates (CA) to start-ups such as Sourcefire and GroundWorks, companies are now stepping in to the open source market from a variety of directions and perspectives, as evidenced at last week's Interop show in New York City.

In fact, revenue opportunities from open source models served as the main focus of one panel session. Moderated by Michael Rotnick, a partner in the VC firm ComVentures, the roundtable featured speakers from the XORP (eXtensible Open Routing Platform), Sourcefire, GroundWorks, and Route Logics, a start-up so new that it doesn't even have a Web site yet.

Elsewhere at the show, representatives of CA and OATH (Initiative for Open AuTHentication) gave their takes on why big OEMs, small software developers, and service providers of different sizes are converging in the open source space.

As Route Logic's Dave Roberts sees things, there are lots of chances for service providers to pitch in with the tech support needed to help smooth the pathway for open source software.

Among customer organizations today, open source tends to be a "bottoms up" play, said Roberts, who is VP of strategy for Route Logics.

"(Open source software) gets into the organization when (someone) sees (that), 'I can use this to do something'," according to Roberts.

But to achieve company-wide adoption, open source enthusiasts need to convince management about the merits of a particular product or project.

Managers want to know, "Do we really want to run our business on it?"

Yet corporate acceptance can go a lot easily these days than it did five years ago.

"You've got a lot more real business applications. Open source solutions are now fairly well accepted," Roberts contended.

Meanwhile, on a different level, systems vendors such as Sun and Oracle are also dabbling in open source, trying to broaden their markets to new breeds of users, according to the strategist.

"The CIO comes in (to and organization) and says, 'Who's going to support this?'" agreed Ranga Rangcchari, CEO of SourceWorks, a multifaceted software and services company with activities that include developing, productizing, and servicing open source solutions.

But SourceWorks considers midrange companies to be its "market sweet spot" for open source, according to Rangachari.

Why? Medium-sized customers tend to be more swayed by pricing considerations, the CEO said.

Sourcefire, on the other hand, has faced relatively little opposition to its intrusion detection system (IDS), according to James Brvenik, the company's director of security engineering.

But that's because "there's really nothing else that does what Snort does," Brvenik maintained.

Sourcefire was founded by Snort's creator to enhance the open source IDS's core functionality.

Meanwhile, researchers at the Computer Science Institute in Berkeley and other academic venues are working on an open source project known as XORP, according to Mark Handley, a professor of networked systems at University College London

Right now, most revenue opportunities for XORP revolve around integrating the software with existing commercial solutions, Handley told the Interop showgoers.

"We aren't there yet" with regard to services, Handley admitted. But the services model is where XORP seems to be headed, according to the professor.

In an interview later with LinuxPlanet, Melvin Estrada, Computer Associates' business manager for Unicenter, gave his perspective as an employee of a big systems vendor

"We definitely have an interest in open source," according to Estrada.

CA has released its Ingres database into open source under the CA Trusted Source License (CATSL).

Estrada acknowledged that some of CA's interest is competitively based, since other systems vendors are also growing active in open source.

"We want to widen our footprint," according to the business manager.

"But we also want to keep a keen eye on open source to see how it's evolving. This is an early market, and the rules of the commercial market don't apply."

Another exhibitor at Interop, OATH, is now partnering with open source projects such as Safehaus and the Apache Software Foundation, according to David Berman, membership chair of the multivendor consortium.

OATH is trying to establish an open and royalty-free specification for strong authentication that takes advantage of existing standards wherever possible, said Berman, during a meeting with LinuxPlanet in OATH's large expo booth.

The 30-or-so members of the industry group include big names like IBM, Verisign, BMC, and Citrix, along with dozens of smaller security specialists, according to Berman, who is also director of partner marketing for Verisign Security Services.

In August, open source organization Safehaus announced that it has used the OATH framework to integrate OpenSource HOTP with its own Triplesec Authentication Server and HausKeys HOTP-based token system.